Hi!
Got a mail from Paypal stating that my site where hosting a fake Paypal page for an hour back. Found a bunch of php files under the 4images directory "data".
Just want to warn anybody since my installation was fresh from Jan 14.
Note! Im not saying it is actually 4images that are to blame but since the files was found under the data directory there could be a hole somewhere.
Digging in the logs to find more.